Technical Information
- ddlsho.exe
- %TEMP%\ddlsho.exe
- %TEMP%\ddvc.exe
- http://ff##dsv.ug/rac1.exe
- http://ff##scs.ug/ds1.exe
- DNS ASK ff##dsv.ug
- DNS ASK drive.google.com
- DNS ASK ff##scs.ug
- '%TEMP%\ddlsho.exe'
- '%TEMP%\ddvc.exe'
- '%WINDIR%\syswow64\cmstp.exe' /au %WINDIR%\temp\rp31z0wm.inf